[isalist] Re: DHCP VPN Questions

• From: Steven Comeau <scomeau@xxxxxxxxxxxxxxxxxx>
• To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 4 Mar 2009 17:07:04 -0500

Thanks Jim!

You know, now that I think about it, I should have Googled the DHCP question 
since it really was that and not particularly an ISA issue.  Just goes to show 
how multifaceted youze guys are!

Steve Comeau
Associate Director of IT
Rutgers Athletics
83 Rockafeller Road
Piscataway, NJ  08854
732-445-7802
732-445-4623 (fax)
www.scarletknights.com<http://www.scarletknights.com>


[cid:image001.jpg@01C99CEB.2DF35860]


 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jim Harrison
Sent: Wednesday, March 04, 2009 4:51 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: DHCP VPN Questions

To disable rogue DHCP detection:

1.       add the following DWORD value in the DHCP server registry:
a.       Start Registry Editor (Regedt32.exe).
b.      Locate and click the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dhcpserver\Parameters
c.       On the Edit menu, click Add Value, and then add the following registry 
value:
Value name: DisableRogueDetection
Data type: REG_DWORD
Radix: Binary
Value data: (Hexadecimal) 1, which will be saved as 0x00000001
d.      Quit Registry Editor.

2.       From a command window, type
a.       Net stop dhcpsvc
b.      Net start dhcpsvc

JimmyJoeBob Alooba
Office 2007 on Win7 Beta



From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Steven Comeau
Sent: Wednesday, March 04, 2009 6:57 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] DHCP VPN Questions

I have ISA 2006 (on Server 2003, SP2, non-AD Domain) and have a DHCP server 
(internal) running to one of the NICs that I have for a Private network.  To 
avoid the DHCP server from going offline - due to a request to be Authenticated 
when it senses an AD Domain on one of the other Private space NICs that does 
have a Active Directory (AD) Domain, in the System Policy Editor, I have 
disabled the DHCP Configuration group and placed a rule to allow the DHCP 
(Local Host) to receive/send DHCP requests/replies to the non-AD NIC.

However, in doing that, whenever someone VPNS in, using the ISA server, I 
cannot get an IP address from the DHCP server on the AD NIC side (which is 
where I want to route VPN connections) - I get a 169 address.  To get the VPN 
clients to receive an IP address on the AD side, should I create a rule to/from 
the VPN Clients to/from the AD side (request/reply) or to/from Local Host 
to/from the AD side.  Again, I want to be able to use the DHCP server on the 
ISA server ONLY (Local Host) for the one Private network (the non-AD one) 
without it contacting the side with the AD Domain because it will shut off the 
DHCP server due to it being in an AD Domain but not Authenticated.

Thanks.

Steve Comeau
Associate Director of IT
Rutgers Athletics
83 Rockafeller Road
Piscataway, NJ  08854
732-445-7802
732-445-4623 (fax)
www.scarletknights.com<http://www.scarletknights.com>


[cid:image001.jpg@01C99CEB.2DF35860]




***  This message contains confidential information and is

intended only for the individual named. If you are not the

named addressee, you should not disseminate, distribute or

copy this e-mail. Please notify the sender immediately by

e-mail if you have received this e-mail by mistake and delete

this e-mail from your system. E-mail transmission cannot be

guaranteed to be secure or error-free as information could be

intercepted, corrupted, lost, destroyed, arrive late or

incomplete, or contain viruses.  The sender therefore does not

accept liability for any errors or omissions in the contents of

this message, which arise as a result of e-mail transmission.

If verification is required please request a hard-copy version.

Rutgers University - DIA

83 Rockafeller Road

Piscataway, NJ 08854

www.scarletknights.com ***



***  This message contains confidential information and is
intended only for the individual named. If you are not the
named addressee, you should not disseminate, distribute or
copy this e-mail. Please notify the sender immediately by
e-mail if you have received this e-mail by mistake and delete
this e-mail from your system. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be 
intercepted, corrupted, lost, destroyed, arrive late or
incomplete, or contain viruses.  The sender therefore does not
accept liability for any errors or omissions in the contents of
this message, which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.
Rutgers University - DIA
83 Rockafeller Road
Piscataway, NJ 08854
www.scarletknights.com *** 

• Follow-Ups:
  • [isalist] Re: DHCP VPN Questions
    • From: Jim Harrison

• References:
  • [isalist] ISA Quarantine 2004 to 2006
    • From: Syed, Mohsin Ali
  • [isalist] Re: ISA Quarantine 2004 to 2006
    • From: Thomas W Shinder
  • [isalist] DHCP VPN Questions
    • From: Steven Comeau
  • [isalist] Re: DHCP VPN Questions
    • From: Jim Harrison

Other related posts:

• » [isalist] DHCP VPN Questions- Steven Comeau
• » [isalist] Re: DHCP VPN Questions- Jim Harrison
• » [isalist] Re: DHCP VPN Questions - Steven Comeau
• » [isalist] Re: DHCP VPN Questions- Jim Harrison

1. Home
2. isalist
3. Archive
4. 03-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---